Yes, this is essentially an unsolvable problem. The minute someone gets access to your system via a login, they can subvert the machine. The best you can do is make it really difficult.
–
Phil HollenbackFeb 14 '11 at 0:24

Are you talking about the shell history? vi shell mode (:sh) launches the user's default shell If that is bash then you can make sure that history logging is always enabled by editing the global /etc/bashrc and adding:

that will ensure that every user command gets logged to a file, it doesn't get overwritten, and it gets updated every time the shell prompt appears.

Note that users can override this in their personal ~/.bashrc so this is not an absolute guarantee that logging will happen.

Some versions of vi (like nvi) support a safe mode that disables shell access, via starting vi as nvi -S. You could set a global alias in /etc/bashrc to force this mode by default as well.

Note that in general the issue of users getting to the shell via unexpected means is a classic unix problem. There's no way to disable this completely, the best you can do is try to limit the access by default. A sophisticated user (or even a user who knows how to use google) can always get around these restrictions. For example if a user doesn't want his shell history logged he could always just exec a new copy of the shell with whatever options he wanted to use.

Here's a great writeup of how to force logging in bash and the ways that logging can be circumvented.

Finally, have you considered just talking to the user to determine what they are doing? 99% of the time simple verbal communication can clear up any confusion. If you are logging this user's activity because you don't trust them, maybe you can talk to them about your concerns.